北京邮电大学学报

  • EI核心期刊

北京邮电大学学报 ›› 2014, Vol. 37 ›› Issue (3): 83-88.doi: 10.13190/j.jbupt.2014.03.017

• 研究报告 • 上一篇    下一篇

多安全域角色信任访问控制模型

谢丽霞, 薄夫宽, 邓强   

  1. 中国民航大学 计算机科学与技术学院, 天津 300300
  • 收稿日期:2013-09-11 出版日期:2014-06-28 发布日期:2014-06-08
  • 作者简介:谢丽霞(1974-),女,副教授,E-mail:lxxie@126.com.
  • 基金资助:

    国家科技重大专项项目(2012ZX03002002);国家自然科学基金项目(60776807, 61179045);天津市科技计划重点项目(09JCZDJC16800);中国民航科技基金项目(MHRD201009, MHRD201205)

Multi-Domain Role Trust Access Control Model

XIE Li-xia, BO Fu-kuan, DENG Qiang   

  1. School of Computer Science and Technology, Civil Aviation University of China, Tianjin 300300, China
  • Received:2013-09-11 Online:2014-06-28 Published:2014-06-08

摘要:

为解决网络中多安全域间的访问控制难题,提出一种基于角色和信任度的访问控制模型. 将角色和信任度相关联,根据用户角色等级定义角色评价权重,利用角色评价权重和角色行为计算其信任度. 在引入直接信任度、推荐信任度和反馈信任度的基础上,通过调节各自的评价权重参与综合信任度评价,实现了细粒度的访问控制. 在局域网环境下利用web应用系统构建具有多安全域的访问控制模型,并进行了仿真实验,实验结果证明该模型具有较高的安全性、可扩展性和灵活性.

关键词: 访问控制, 角色, 反馈信任度, 综合信任度, 细粒度

Abstract:

To solve the problem of access control among different security domains in networks, an access control model is presented based on role and trust degree. Each role associates with a trust value, the role evaluation weights are defined in terms of user's role rank and the trust degree is calculated according to the role evaluation weights and role behavior. Direct trust degree, recommendation trust degree and feedback trust degree are introduced in this model to achieve fine-grained access control. The three trust degrees mentioned above participate in the comprehensive trust degree evaluation by adjusting their weights. Simulation is conducted in local area network environment in which a web system is used to construct an access control model with multi-domain. Experiment demonstrates that the model is of higher security, expansibility and flexibility.

Key words: access control, role, feedback trust degree, comprehensive trust degree, fine-grained

中图分类号: